Threat Intelligence Blog

The Year of Mobile Malware:

Posted June 13, 2013

App Downloads Double, But Many are Dubious

The Russian security research firm Kaspersky Labs recently discovered the most advanced Android Trojan to date. Dubbed “Backdoor.AndroidOS.Obad.a,” this malware can steal data stored on the device, such as the two-factor authentication codes used by banks and email, download more malware, send itself via Bluetooth to other devices, operate remotely, and even hide itself from being seen on the administrators list so it cannot be uninstalled.
Unfortunately, this is only one of many examples. There has been a huge jump in Android mobile malware in the last year alone. From 2011 to 2012, the number of samples rose from 792 to 36,699, according to researchers at McAfee. Of those, 97 percent were designed specifically to attack Google Android apps. Moreover, the amount of malware is projected to increase so much in 2013 that some are calling it the Year of Mobile Malware. To make matters worse, more than 80 billion apps are expected to be downloaded in 2013, up from 46 billion apps last year, making it easier than ever to infect unwitting consumers.

In the last year, Cyveillance researchers have discovered thousands of malicious apps “hiding in plain sight” amongst all of the others in the Google Play store. While there’s no easy way for the average app user to determine whether or not what they’re downloading is malicious, there are options to help protect your brand from being associated with them. In addition, knowing more about the risks with various platforms may help your organization make more informed decisions about the devices you deploy or support. In our upcoming blog articles, we’ll take a look at some of these issues in more detail.